Multi-step upgrade from Astaro 7, using backup files.
Firmware version: 9.309-3
Streaming Network (NIC in Sophos - 192.168.0.0/24) --> router --- laptop (streaming network - 192.168.1.0/24)
NAT Frontier network --> External (WAN)
NO static routes/OSPF/PIM-SM.
SOCKS proxy only on Internal network (Proxy is off for testing)
I have a couple of networks in my box.
0. External (WAN)
1. Internal (Trusted - very locked down)
2. Frontier (Very open - outbound)
3. Hacklab (WIDE OPEN - outbound)
I have several rules in my firewall.
1. Frontier --> Any ALLOW (Any Service)
2. Internal --> Block exceptions ALLOW (Any service)
3. Internal --> Blocked-Stuff BLOCKED (Any service)
4. Other rules...
5. Any --> Any BLOCKED (Any service) -- last rule.
When I take a look at the live log, I only see IPs in my trusted network and NONE in my frontier network, even under heavy use. (Not in Proxy, and proxy is off for testing).
I know that rule 1 is working as I can get to a .cn site on it, but I cannot on my trusted network. (CIDR blocking of China on Trusted network.)
Going to any HTTP or HTTPS site should trigger rule #1 and show up in the log, but it does not.
I did a 1 gig download off the frontier network from IP 80.249.99.148 and it did not show up in the live preview. I viewed the log (not live) and that IP was not in the log even though it was up to date. I was downloading this huge test file as you can see here:

How am I not going through the firewall???
I am building a new box from scratch, but I want to learn what I did wrong so I do not do it again.
Thank you,
C68
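An added diagnostic example, not from the original post: a small Python script that reads packet-filter log lines in the key="value" form Sophos UTM 9 writes, maps each srcip to one of the networks named in the post, and reports which of those networks never appear in the log at all. The address ranges, rule numbers and the three log lines are constructed for this example and are not taken from the poster's box. A network that produces traffic but has no entries is the usual shape of the symptom described above: either logging is not enabled on the rule that matches that traffic, or the traffic leaves by a path the packet filter log does not cover.

```python
"""Tally Sophos UTM packet-filter log lines by source network and rule.

Added example, not code from the original post. The log lines below are
constructed samples in the key="value" style of the UTM 9 packet filter
log; the network names follow the post, the address ranges are assumed.
"""
import ipaddress
import re
from collections import Counter

# Networks as named in the post; the ranges are assumptions for this example.
NETWORKS = {
    "Internal": ipaddress.ip_network("10.0.0.0/24"),
    "Frontier": ipaddress.ip_network("172.16.0.0/24"),
    "Hacklab": ipaddress.ip_network("10.0.9.0/24"),
}

# Constructed sample lines (not real log output).
SAMPLE_LOG = """\
2014:03:01-10:00:01 fw ulogd[2222]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="2" initf="eth1" srcip="10.0.0.5" dstip="93.184.216.34" proto="6" srcport="51000" dstport="443"
2014:03:01-10:00:02 fw ulogd[2222]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="3" initf="eth1" srcip="10.0.0.5" dstip="1.2.3.4" proto="6" srcport="51001" dstport="80"
2014:03:01-10:00:03 fw ulogd[2222]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcip="198.51.100.7" dstip="203.0.113.2" proto="6" srcport="40000" dstport="22"
"""

KV_RE = re.compile(r'(\w+)="([^"]*)"')


def parse_line(line):
    """Return the key="value" fields of one log line as a dict."""
    return dict(KV_RE.findall(line))


def network_of(ip):
    """Name of the configured network containing ip, or 'other'."""
    addr = ipaddress.ip_address(ip)
    for name, net in NETWORKS.items():
        if addr in net:
            return name
    return "other"


def tally(log_text):
    """Count packet-filter entries per (source network, fwrule, action)."""
    counts = Counter()
    for line in log_text.splitlines():
        fields = parse_line(line)
        # Only packet-filter lines carrying a source address are of interest.
        if fields.get("sub") != "packetfilter" or "srcip" not in fields:
            continue
        key = (network_of(fields["srcip"]),
               fields.get("fwrule", "?"),
               fields.get("action", "?"))
        counts[key] += 1
    return counts


def silent_networks(counts):
    """Configured networks with no packet-filter entries at all.

    Traffic from such a network is either matched by a rule that does not
    log, or it never reaches the packet filter on the path it takes.
    """
    seen = {net for (net, _rule, _action) in counts}
    return sorted(name for name in NETWORKS if name not in seen)


if __name__ == "__main__":
    c = tally(SAMPLE_LOG)
    for (net, rule, action), n in sorted(c.items()):
        print(f"{net:10} rule {rule:>6} {action:7} {n}")
    print("networks with no log entries:", silent_networks(c))
```

Run it against an export of the packet filter log (one line per entry) after replacing the NETWORKS ranges with the real ones; any network that shows up under silent_networks while hosts on it are known to be busy is the one whose rule or path to check first.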